System in a digital wireless data communication network for arranging end-to-end encryption and corresponding terminal equipment

ABSTRACT

The invention concerns a system in a digital wireless data communication network for arranging end-to-end encryption in which the data communication network two or more pieces of terminal equipment are communicating with one another, including at least means for management of encryption parameters (TEK, IV), an encryption key stream generator, means for encrypting a dataflow and for decrypting the encryption with the generated key stream segment (KSS, IV), and wherein at least one of the pieces of terminal equipment is adapted to function as a special server terminal device, which manages and distributes encryption parameters and encryption and/or synchronization applications to the other pieces of terminal equipment based on an established criterion and in the terminal equipment are arranged functionalities and means for downloading, saving, managing and carrying out the applications.

The invention concerns a system in a digital wireless data communicationnetwork for arranging end-to-end (e2e) encryption, especially fortransmission in audio form, in which data communication network two ormore pieces of terminal equipment are communicating with one another,wherein at least the following are included

-   -   a codec for converting the analog audio signal into a dataflow        and vice versa,    -   air-interface encryption means,    -   means for managing encryption key parameters stored in        connection with the terminal equipment    -   an encryption key stream generator for generating a key stream        segment with the said encryption parameters,    -   means for encrypting the dataflow and for decrypting the        encryption with the generated key stream segment,    -   means for synchronizing the encrypted dataflow and for        de-synchronization, and    -   at least one interface for receiving the encryption parameters        from the data communication network,        and wherein at least one of the pieces of terminal equipment        belonging to the data communication network is adapted to        operate as a special server terminal, which manages and        distributes at least encryption parameters concerning the data        communication network to the other pieces of terminal equipment        in accordance with an established criterion. The invention also        concerns terminal equipment implementing the system.

TETRA (TErrestrial Trunked RAdio) is a digital, wireless and trunkeddata communication standard designed especially for groups of demandingprofessional users. A system according to the TETRA standard, which iscalled TETRA system hereinafter, is developed especially to meet therequirements of, for example, public safety organisations (the police,fire department, ambulance service), organisations maintaining publictransportation (the metro, railways, airports, taxi service) and thoseof military user groups. It is a characteristic feature of all thesegroups of users that they make high reliability and security demands onthe communication.

The TETRA system is based on open standards developed by the ETSI(European Telecommunication Standard Institute) and by the TETRA MoU(Memorandum of Understanding) organisation operating in connectiontherewith.

Thus, the TETRA system is characterized by, among other things, the highdemands which its circle of users make on the security of communicationtaking place by radio way. As the air interface is known to be veryvulnerable to all kinds of eavesdropping activities, all modern wirelessdata communication systems aim in some form at attending to the datasecurity of the air interface. This means safeguarding of the connectionbetween the terminal equipment and the network infrastructure. Insidethe network infrastructure the data communication takes place astrusted, because it is extremely improbable that outside intruders couldget hold of the physical structure of the system.

The encryption method developed for the TETRA system is primarily usedin order to meet two key requirements. The first of these is a strongidentification mechanism and the second is air-interface encryption ofthe radio communication.

In the TETRA system, encryption takes place at the otherwise sovulnerable air interface both of speech and data communication betweenthe terminal equipment and the base transceiver station and also ofalmost all signalling information and identity verification informationof the pieces of terminal equipment. The air-interface encryption isbased on an assortment of keys, with which the user and signalinformation is encrypted over the air interface between the terminalequipment and the TETRA SwMI (Switching and Management Infrastructure),both in personal and group communications. The air-interface encryptionsupports several renowned standards and manufacturer-specific encryptionalgorithms.

Assuming that good algorithms and protocols are chosen, the security ofevery system using encryption is based ultimately on encryption keys andon the methods of their generation, distribution, use and protection.For air-interface encryption, the TETRA system uses several encryptionkeys, differently from e.g. the GSM system, depending on the availabletype of connection. Individual, group and DMO operations (Direct ModeOperation) all have encryption keys of their own. The distribution ofkeys is arranged in the TETRA system to take place in the air-interfaceencryption by the OTAR method (Over the Air Re-keying), which allows thesystem a way of re-keying, so that the operation of those in possessionof pieces of terminal equipment will not be unduly disturbed by thedistribution of keys.

In many cases sufficient confidence in the data transmission resultsfrom air-interface encryption without any major additional securityarrangements. However, in the TETRA system e.g. certain expert usergroups need a very high security level. Examples of such groups are thedrug divisions of the police, state crime investigation services andmilitary user groups, which often have an essentially higher securityclassification established by the state administration than can beprovided by the data transmission network using only the conventionalair-interface encryption key. Hereby the requirements for additionalsecurity concern not only protection of data transmission over the airinterface, but also that taking place in the network infrastructureproper from one terminal equipment to another.

These factors lead to additional requirements, for example, in order toachieve anonymity and more advanced confidentiality. In the standards ofthe TETRA system the need for anonymity is supported in securitymechanisms, but the latter requirement is met by end-to-end encryption(e2e), which is used in particular in situations requiring the highestdata transmission security through the entire system from a piece ofterminal equipment to another piece of terminal equipment.

The arrows shown at the bottom of FIG. 1 describe the difference betweenair-interface encryption and end-to-end encryption in the communicationbetween pieces of terminal equipment.

For example, public security organisations have specific securityrequirements established high by the state administration forimplementing end-to-end encryption, which differ e.g. from the securityrequirements of military user groups. All such organisations must beable to define their own end-to-end encryption system in accordance withtheir own requirements.

ETSI's MoU organisation has produced a recommendation (SFPGRecommendation 2), which defines all that is needed for implementationof end-to-end encryption with the exception of the details of encryptionalgorithms. In the presentation, the algorithms are presented as blackboxes. Since the intention is to provide a complete solution also forpublic groups of users, who do not make especially high requirements asregards the encryption, the recommendation includes an appended proposalfor implementation of encryption functions using the known IDEAalgorithm (International Data Encryption Algorithm).

However, it is a simple fact that although security functions areintegrated in the system, this does not guarantee perfect safety of thesystem. However, when acting in a known manner, security risks are keptat a minimum in such a way that they are concentrated into certainelements of the system, which can then be supervised at an adequatelevel.

This supervision is one of the work duties relating to securitymanagement. Another duty is to guarantee that the security mechanism isused in a proper manner and that the different mechanisms are integratedin a proper manner in order to achieve an all-covering security system.

In accordance with the state of the art, the air-interface encryption isadequate and problem-free in all respects in the TETRA system. However,despite the above-mentioned facts relating to security, the state of theart has not been able to provide an entirely user group-specific way ofimplementation to arrange end-to-end encryption. This is a desirableproperty, for example, in the said expert user groups, where theatmosphere nowadays exists as a general trend that they wish to keepe.g. their encryption keys and their algorithms entirely under their owncontrol, and they do not wish to make over e.g. to manufacturers ofterminal equipment any information on the encryption information theyuse.

In the present-day procedure, e.g. the manufacturers of terminalequipment are strongly involved with encryption-related modules, such ase.g. in the implementation of encryption algorithms and key streamgenerators. In addition, e.g. updating of encryption algorithms interminal equipment is nowadays very difficult, if not even impossible,in practice, because as a rule they have been implemented at hardwarelevel statically.

Dynamic implementations for arranging encryption in data transmissionare known at least in the PC environment. However, these are usuallyconcerned with data traffic, whereby this technology cannot be utilisedin a wireless and voice environment.

U.S. Pat. No. 5,528,693 presents encryption of data communication inspeech form. However, this is not dynamic e.g. as regards its managementof encryption algorithms, whereby fixed encryption algorithms are alwaysused in the terminal equipment.

U.S. Pat. No. 6,151,677 also presents an encryption model forimplementation in wireless terminal equipment. Here the encryption isalso arranged in accordance with the state of the art in the mannerdescribed above. The encryption algorithms are arranged in the terminalequipment's static memory as firmware, which is then run by the terminalequipment's microprocessor implemented at hardware level. Thearrangement here is one, which as regards its whole module implementingthe encryption is integrated essentially statically in the terminalequipment. In a solution of this kind the terminal equipmentmanufacturer, for example, has to commit himself to encryptionalgorithms selected by the customer, which forms a very disadvantageoussituation, for example, from the viewpoint of terminal equipmentlogistics.

It is a purpose of the present invention to bring about a system of anew kind and a corresponding terminal equipment for arranging end-to-endencryption, which improves essentially the operational prerequisites ofthe party in need of encryption, that is, the groups of users and themanufacturers of terminal equipment. The characteristic features of thesystem according to the invention are presented in claim 1 and those ofthe corresponding terminal equipment are presented in claim 5.

The system according to the invention changes the structure ofend-to-end encryption in such a way that a part of the encryptioncomponents is externalized, but the encryption proper possibly remainseven the same as before. Through the structural change and theexternalization the security level of encryption is improved essentiallyand such an additional advantage is achieved that, for example, theterminal equipment manufacturer need no longer attend to the demandsmade by user groups as regards the arranging of encryption.

In the system according to the invention, a dynamic processorenvironment is arranged for the terminal equipment, which can be used torun applications specified for it. In the system, according to anadvantageous embodiment, material of the authorities having a highsecurity level is supplied through a data communication network, so thatthe terminal equipment can carry out the duties assigned for it.Material of this kind may include, for example, end-to-end encryptioninformation, such as encryption applications. The terminal equipmentaccording to the invention provides the services and interfaces requiredfor this implementation.

According to an advantageous embodiment, the processor environmentfitted at the terminal equipment may be Java® based and specifiedaccording to J2ME (Java 2 Platform Micro Edition).

In a data communication network, which may be based, for example, onFDMA (Frequency Division Multiple Access), TDMA (Time Division MultipleAccess), CDMA (Code Division Multiple Access) or on some other wirelesstechnique, a special piece of terminal equipment is arranged, which isused for managing the distribution of encryption information, such ase.g. encryption applications.

The system according to the invention is characterized in that theencryption is carried out at software level at the terminal equipment.Compared with state-of-the-art encryption at hardware level, thisachieves dynamic encryption applications for the terminal equipment,whereby it is especially effortless to update the applications.

According to one embodiment, the updating of encryption information canbe done in such a way that the user of the terminal equipment need nottake any measures in this regard and his activity will not be disturbedin any way due to updating measures.

Another additional advantage of the dynamic application run at theterminal equipment is that it provides a command set e.g. for aprocessor card at the terminal equipment, with which it can control theterminal equipment by way of the programming interface of the dynamicapplication.

On the other hand, another advantage of the system according to theinvention from the viewpoint of the terminal equipment manufacturer isthat no such end-to-end encryption information is stored permanently inthe terminal equipment, which is not known to the manufacturer of theterminal equipment.

The other characteristic features of the system according to theinvention emerge from the appended claims, and more advantages that canbe achieved are listed in the description part.

The system according to the invention, which is not limited to theembodiments to be presented in the following, is explained in greaterdetail by referring to the appended figures, wherein

FIG. 1 shows air-interface encryption and end-to-end encryption in adata communication network,

FIG. 2 is a schematic view of an example of terminal equipment andserver implementing the system according to the invention,

FIG. 3 shows an example of programming interfaces of the systemaccording to the invention in the management of operating parameters,and

FIG. 4 shows an example of programming interfaces of the systemaccording to the invention in the management of the encryption system.

FIG. 1 is a schematic view of the fundamental differences ofair-interface encryption and end-to-end encryption in a datacommunication network, such as, for example, in a digital, wirelessnetwork 10 according to the TETRA standard.

It is obvious to the man skilled in the art that although the systemaccording to the invention is described in connection with thisapplication example in a data communication network based on the TETRAinfrastructure, the use of the system according to the invention and ofthe corresponding terminal equipment is not limited to this systemexplicitly. It can be noted in general terms that the system and thecorresponding terminal equipment may be applied generally in digital,wireless network systems, both in those being developed and in existingones, such as, for example, FDMA, CDMA, TDMA techniques and theirsubordinated definitions.

In air-interface encryption, the radio signal is relayed encrypted inthe data communication network 10 only between the wireless terminalequipment 11.1 and the base transceiver station 16.1 belonging to theinfrastructure of data communication network 10 and between basetransceiver station 16.3 and the wireless terminal equipment 11.2. Inthe actual network infrastructure (routers, bridges, repeaters,switching centres and other hardware known to the man skilled in theart) 16.1, 18.2, 17, 18.1, 16.3, the transmission of data taking placeis trusted. This means, for example, that outsiders, that is, possiblyquarters engaged in espionage, are prevented from getting physicalaccess to the connection of the equipment 17, 18.1, 18.2 forming thenetwork infrastructure 10 and to the data transmission buses betweenthem.

In end-to-end encryption, the signal travels encrypted over the wholedistance from the transmitting terminal equipment 11.1 to the terminalequipment 11.2 receiving the transmission. Hereby, the datacommunication network 10 only does the job of transporting the data.

It must be noted that standards, encryption mechanisms used in airinterface encryption, are also used in end-to-end encryption.Air-interface encryption encrypts also the signal, besides speech inbetween terminal equipment 11.1, 11.2 and infrastructure 10.

Furthermore, besides the mentioned wireless pieces of terminal equipment11.1, 11.2, various other data transmission equipment may be connectedto network 10, such as gateways 13 connecting data communicationnetworks to each other, the operator's work stations DT 14, which areused, for example, to control the formation of user groups and tocontrol their operation, line-connected pieces of terminal equipment LCT12 and special server terminal devices KMC 15 performing management ofencryption parameters and management of encryption in accordance withthe system of the invention.

FIG. 2 describes functionalities and the connections between them, whichimplement an embodiment of the system according to the invention in awireless terminal equipment 11.1, 11.2 and in a special server terminaldevice 15 performing encryption management in data communication network10.

The said special server terminal device 15 can be, for example, a dataterminal device, which is connected to the data communication network 10and in connection with which storing means dB are arranged in order tosave at least encryption parameters 19 and applications known as such,especially storing dynamic encryption applications 32. The serverterminal device 15 is arranged to have an especially high data security,because it is used to save such information, which is critical for thedata communication system.

The said encryption parameters 19 may include, for example, encryptionkeys which are to be exchanged and relayed to pieces of terminalequipment 11.1, 11.2 at more or less regular intervals using the OTAK(Over the Air Keying) method, encryption control parameters and othersuch encryption parameters known as such.

In the storing means dB for applications 32 such applications arearranged, which can be transferred to pieces of terminal equipment 11.1,11.2 by way of the data communication network 10, such as e.g.algorithms used for generation of an encryption key flow or forencryption of the actual dataflow. According to an advantageousembodiment, the applications 32 may be JAVA® applications, especially inaccordance with the J2ME (Java 2 Platform Micro Edition) specification.Other application forms, such as a pure native code which can be carriedout without interpretation, Chet, C#, BREW are also suitable for use.

At the special server terminal device 15 a management functionality 34is also arranged, which is used for management of encryption parametersand applications 19, 32 and for controlling their distribution to piecesof terminal equipment 11.1, 11.2 in accordance with the establishedcriterion.

It should be noticed that the terminal device 15 providing serverfunctionality can be implemented with any terminal of those in the TETRAnetwork 10, if resources are arranged for these for management anddistribution of encryption keys and applications 19, 32. This being thecase, the server terminal device 15 managing the applications may alsobe separate, for example, from the terminal device managing anddistributing encryption keys 19.

When terminal equipment 11.1, 11.2 is connected through an air-interfaceprotocol 19 of a kind known as such to data communication network 10, itcan receive the said encryption parameters and applications 19, 32 fromserver terminal device 15 using the chosen transfer channel andadvantageously using the chosen manner of encryption, the use of whichneed not necessarily be permanently determined.

An advantageous example of such a way of distribution used as transferchannel in the TETRA network 10 according to the example are theencrypted SDS messages. SDS (Short Data Service) is a message of theshort message type, which is relayed through terminal equipment 11.1,11.2 directly to the processor card arranged in connection with it, suchas e.g. to a SIM (Subscriber Identity Module) module, in such a way thatterminal equipment 11.1, 11.2 does not interpret the message in any way.Other examples of transfer channels for use in the measure are SMS(Short Message System) messages, GSM data and GPRS transmission.

Downloading of applications 32 in pieces of terminal equipment 11.1,11.2 can also be performed locally. This takes place, for example, insuch a way that the terminal equipment 11.1, 11.2 receiving encryptioninformation 19, 32 is in a fixed connection with the said serverterminal device 15, from which encryption information and applications19, 20 are then transferred, for example, in serial traffic form, alongan IrDA (Infrared Data) connection, Bluetooth connection or some otherbus, which is advantageous for the terminal equipment 11.1, 11.2 (notshown).

In the system according to the invention, such a functionality isarranged in connection with the terminal equipment 11.1, 11.2, whichallows, for example, flexible processing of information and whichaccording to an advantageous embodiment can be implemented e.g. with aSIM module 28. In an e2e partition 23 arranged in the memory means ofSIM module 28, those encryption keys and applications 19, 32 are stored,which are downloaded and decrypted from server terminal device 15, suchas, for example, the key stream generator.

For these measures, a SAT partition 21 (SIM Application Toolkit) isarranged in connection with the SIM module 28. The SAT partition 21provides a mechanism in between the terminal equipment 11.1, 11.2 andthe SIM module 28, which allows an application arranged at the SIMmodule 28 to interact and control the operation of terminal equipment11.1, 11.2, provided that the terminal equipment 11.1, 11.2 supports theSAT mechanism. Using the command library of SAT partition 21 receptionof encryption keys and applications 19, 32 is carried out in the systemaccording to the invention as well as decryption of their encryption andstoring them at the SIM module 28 to the e2e partition 23.

Besides the smooth updating measures, the command library of SATpartition 21 can be used for an effective management of the saidencryption data and for controlling the encryption functionality, whichis arranged from SIM module 28 to terminal equipment 11.1, 11.2 andwhich will be described later. SAT partition 21 requires SATcompatibility with terminal equipment 11.1, 11.2, whereby the saidapplications arranged at the SIM module 28 must be in a form whichterminal equipment 11.1, 11.2 can understand, whereas terminal equipment11.1, 11.2 must be able to execute the commands given to it by theapplications.

Updating of the encryption keys 19 and the applications 32 used in theencryption (key stream generator, KSG) is thus performed for the SIMmodule 28 of terminal equipment 11.1, 11.2 in an embodiment of theinvention. The software environment of the SIM module 28 may be based,for example, on the J2ME specification, which is compatible with the SATsoftware interface.

Furthermore, the features provided by the SAT partition 21 of the SIMmodule 28 include the possibility to utilise in terminal equipment 11.1,11.2 the multi-level menus stored at the SIM module 23 as well as thesimple applications or functions arranged behind them.

In the system according to the invention, application management 22 isfurther arranged at the terminal equipment 11.1, 11.2. According to anadvantageous embodiment, this can be implemented, for example, with JAM(Java Application Management). Its duty is to function as an interfacebetween the terminal equipment's 11.1, 11.2 RTOS (Real Time OperatingSystem), the SAT partition 21 arranged at the SIM module 28 and allowingthe application commanding the terminal equipment 11.1, 11.2 and theKVM, that is, the Java® virtual processor 20. The JAM 22 is used tocontrol the stack of applications 32 downloaded at the terminalequipment 11.1, 11.2 and their downloading at the virtual processor KVM20.

Thus, on the RTOS of terminal equipment 11.1, 11.2 a Java® virtualprocessor KVM 20 (Kilobyte Java Virtual Machine), for example, is run,which is preferably in accordance with the J2ME specification (Java 2Platform Micro Edition). Hereby the processor 20 is preferablyconfigured in accordance with the MIDP specification (Mobile InformationDevice Profile), whereby the KVM 20 will need only a minimum number ofclass libraries and necessary APIs (Application Protocol Interface). JAM22 attends to the interface function together with SAT partition 21 ofthe SIM module 28, that is, its duty is on behalf of the KVM 20 tocontrol the storing, fetching and returning of encryption applications32 in between the memory means of terminal equipment 11.1, 11.2, the e2epartition 23 of the SIM module 28 and the KVM 20. In addition, JAM 22 isused to control the downloading of Java® applications, that is, MIDdletsfrom the data communication network 10 (dotted arrow).

The user level of terminal equipment 11.1, 11.2 has an analog audiosection 25 of a kind known as such, which includes at least microphonemeans 25.2 for receiving the user's speech and loudspeaker means 25.1for listening to the transmission received by terminal equipment 11.1,11.2. The audio signal undergoes AD conversion (encoding) in a mannerknown as such in speech codec 24 located in the digital section of audiosection 25, which will result in a dataflow to be encrypted.Correspondingly, when receiving a transmission, the dataflow decryptedfrom encryption will undergo in speech codec 24 DA conversion(decoding), so that through loudspeaker means 25.1 it can be listened toand understood by the user of terminal equipment 11.1, 11.2.

Furthermore, the terminal equipment 11.1, 11.2 includes a connectioninterface for external data terminal equipment (DTE) 26, which can beused for downloading encryption information, such as keys andapplications, in the terminal equipment 11.1, 11.2 from the serverterminal device 15 or such without any connection with the actual datacommunication network 10.

FIG. 3 is a schematic view of an advantageous manner of implementationof the system according to the invention in the control of operatingparameters as an interface description. The cross-lined area of thefigure shows a part implemented as Java®-MIDdlet 27, which is thus runwith KVM 20 dynamically on the RTOS of the terminal equipment. Theoperation of MIDdlet 27 is described in the following first from theviewpoint of the traffic to be transmitted and then from the viewpointof the traffic to be received.

In the application example, two functional API interfaces are arrangedin connection with MIDdlet 27. The first interface is audio API 29,behind which an audio section 25 is arranged in the user interface (amicrophone 25.2, a loudspeaker 25.1, among other things), as well as aspeech codec 24 and other functionality, which is obvious to the manskilled in the art and which is not shown in the figure. In the APIdefinition, what is essential from the viewpoint of the invention is theplain data traffic arriving from codec 24 to MIDdlet 27 and departingfrom MIDdlet 27 to codec 24.

In the system according to the invention, the AD converted dataflow(plain traffic) is thus captured from the user-level audio API 29 andsupplied for processing to the Java®-MIDdlet encryption application 27run by the terminal equipment's 11.1, 11.2 processor, that is, the KVM20. The application 27 executes, for example, a XOR operation or someother chosen encryption application, which is brought to the terminalequipment 11.1, 11.2 in accordance with the system of the invention.

The other interface to Java® MIDdlet 27 is SIM API 28.1, behind which isshown the functionalities of the SIM module's 28 e2e partition 23, whichare essential for the invention, and the encryption parameters to bekept therein. The key stream generator KSG to be run in the SIM module's28 e2e partition 23 is given as input the TEK (Traffic Encryption Key)when encrypting data traffic and the numerical value IV (InitializationVector) for carrying out synchronization of the encryption.

The encryption key is supplied by server terminal device 15 to terminalequipment 11.1, 11.2 and the IV is generated at terminal equipment 11.1,11.2 according to the known technology. Key stream generator KSGproduces a key stream segment, which is guided by way of SIM API 28.1 toMIDdlet 27 for the encryption application XOR. In addition, the keystream generator KSG produces a synchronization frame (Synch frame),which is given through SIM API 28.1 to the synchronization functionality33.1 (Synch Control) brought about by MIDdlet 27.

A serial port API is another alternative way of implementing the SIMinterface 28.1. Hereby such an encryption module is fitted in the outerconnection interface of terminal equipment 11.1, 11.2, which may be e.g.in connection with its battery. Hereby the management information of keystream generator KSG may be addressed to the connection interface inquestion. Furthermore, the key stream segment produced by the encryptionmodule can also be read from the external connection interface for XORand/or XOR′ operations.

Furthermore, the terminal equipment 11.1, 11.2 may also be implementedin such a way that no encryption module providing encryptionfunctionality is connected to its outer interface (for example, a serialport API) and the terminal equipment 11.1, 11.2 does not either includeany SIM module 28. In this case, the end-to-end encryption functionalityaccording to the invention can be implemented in such a way that in theapplication example described above the encryption functionality 23arranged at the SIM module 28 is also implemented as an application tobe downloaded. Hereby the security of the terminal equipment 11.1, 11.2must be especially ensured.

The dataflow encrypted by the XOR operation is supplied further to thesynchronization control (Synch Control) performed by MIDdlet 27. This isused to perform functions known as such with the dataflow. From SynchControl the encrypted dataflow (crypt traffic′) and the synchronizationframe (synch frame) exit from the MIDdlet through the audio API 29interface to the MAC (Medium Access Control) layer and further to thephysical layer 30.

In the MAC layer, radio frequencies and time slots are managed andframes are stolen for synchronization. In the physical layer, stepsknown as such are taken, such as, for example, coding and decoding ofthe dataflow (air-interface encryption/decryption) and furthertransmission/reception. Further, the encrypted data is transmitted tothe data communication network 10, where it is transferred in anend-to-end manner known as such in terms of encryption technology to thereceiving terminal equipment 11.2. If stealing of frames is done in theSynch Control, then no synch frame, synch frame′ interfaces are needed.

The synchronization of the encrypted dataflow to be transmitted andreceived is arranged with memory means of the terminal equipment 11.1,11.2 either buffered or another method is to do it with a flow controlprotocol. This is done to make sure that the packets to be transferredfrom terminal equipment 11.1, 11.2 to network 10 and from network 10 toterminal equipment 11.1, 11.2 (uplink/downlink traffic) are in thecorrect order and time.

When the terminal equipment 11.1 receives e2e transmission, theencrypted data (crypt traffic′) and the synchronization frame (synchframe′) are received in MIDdlet 27 through the audio API 29 interfacefrom the physical layer 30 of the terminal equipment 11.1. Thesynchronization of the dataflow is desynchronized by a functionality(Synch Detect) 33.2, which is arranged for the purpose in MIDdlet 27.Based on the synchronization, the decryption key and algorithm to beused are chosen.

The encrypted dataflow (crypt traffic) is guided to the algorithmperforming the inverted function XOR′ of the XOR operation, and the keystream segment KSS needed for decryption of the encryption is obtained,for example, from the encryption key stream generator KSG of the e2epartition 23 of SIM module 28, which generator receives as input TEK andthe Synch frame′ received from Synch Detect 33.2. Further, the decrypteddataflow (plain traffic) is guided through audio API 29 to audio section25 of terminal equipment 11.1 and after known intermediate stages (DAconversion, among others) it is turned into a form, which the user willunderstand and which is to be listened to with the aid of loudspeakermeans 25.1.

FIG. 4 shows an example of the programming interfaces of the systemaccording to the invention in connection with management of theencryption system. Key management 28.2 and SAT 21 are arranged at theSIM module's 28 e2e partition 23. The interface provided by the terminalequipment's 11.1, 11.2 SIM module 28 may be connected to the public userinterface of the MIDP of MIDdlet 27. Hereby the MIDdlet 27 to bedownloaded implements such an interface for the SIM module 28, throughwhich this can control the operation of terminal equipment 11.1, 11.2.Hereby the SAT functions are thus converted into MIDP-API functions.

The SIM module's 28 e2e partition 23 is connected through SIM API 28.1with the SAT 21 implemented in Java® MIDdlet 27. SAT 21′ of MIDdlet 27is connected through the Messaging API interface 35 with TNSDS-SAP 31(TETRA SDS Service Access Point). The TNSDS-SAP 31 is a protocol bywhich user applications are allowed to utilise the SDS transfer bearer.Data transmission and reception may be performed both as SDS and as SMS(Short Message Service), as in GSM.

According to an advantageous embodiment, the application 27 downloadedat terminal equipment 11.1, 11.2 may besides implementing an interfacefor the SIM module 28 also independently control the operation ofterminal equipment 11.1, 11.2 by way of the programming interface 36.Hereby the application 27 downloaded at terminal equipment 11.1, 11.2will allow SAT functionality 21′ for the terminal equipment, using theprogramming interface 36 (MIDP-API) existing at the terminal equipment11.1, 11.2. This feature is very useful generally, and this being thecase it is not only end-to-end encryption-specific in any way.

If the SDS data to be transmitted to terminal equipment 11.1, 11.2 is,for example, encryption keys or applications, then the SAT 21′ ofMIDdlet 27 will process and guide these to the SIM module 28 through themessage protocol 28* of SIM API 28.1. At the SIM module 28 the saidencryption information is processed in the way described above.

If the information arriving through the SDS carrier is, for example,pictures, games, animations, sounds or other such information, thenthese are guided directly along MIDP's ordinary API 36 from SAT 21′implemented from MIDdlet 27 to the terminal equipment's 11.1, 11.2 userinterface, which includes, for example, a keyboard, a display and aloudspeaker 25.1.

Thus, the terminal equipment 11.1, 11.2 is used to run a dynamic virtualprocessor KVM 20, where when the end-to-end encryption is active itsimplementing MIDdlet 27 is run by the dynamic virtual processor 20. Ifthe user of the terminal equipment 11.1, 11.2 wishes to activate someother Java® application, then performance of the encryption applicationis stopped, and a notification to the user then follows. The encryptionapplication may possibly also be run in a background mode, if allowed bythe resources of the terminal equipment 11.1, 11.2 and the virtualprocessor.

At the user interface the Middlet encryption application 27 can beimplemented in such a way that it is always active or, alternatively, itcan be activated separately by the user. When the application 27 is setto be active at all times, its activation will take place automaticallyas the terminal equipment 11.1, 11.2 is turned on. In the terminalequipment 11.1, 11.2 there may be one or more applications, whereby theywill need some kind of separator to separate them from any otherapplications.

The manner of implementation chosen by the user is known, for example,from the GSM terminal equipment. There the user may activate theapplication of his choice in a Java application menu. The printouts ofthe Middlet application (menus, graphic elements etc.) are preferablypresented, for example, as a submenu, because they may otherwise causeconfusion at the proper user interface UI of the terminal equipment. Ata normal user interface it is possible to present, for example, an icon,through which access is possible to the MIDdlet application menu.

Applications which can be run may also be classified according todifferent criteria. Hereby special rights may be established, forexample, for the encryption application according to the invention.

The system according to the invention provides the groups of users ofterminal equipment 11.1, 11.2 with a significant improvement of thesecurity features of encryption information. For example, the group ofusers may exchange keys for longer ones according to their personalneeds, which may be used significantly to increase the security of theencryption.

It should be understood that the above explanation and the relatingfigures are only intended to illustrate the system according to thepresent invention. Thus, the invention is not limited only to theembodiments presented above or to those defined in the claims, but manysuch different variations and modifications of the invention will beobvious to the man skilled in the art, which are possible within theinventive idea defined in the appended claims.

1. System in a digital wireless data communication network for arrangingend-to-end (e2e) encryption, especially for communication in audio form,in which data communication network two or more pieces of terminalequipment communicate with one another, including at least a codec toconvert an audio signal into a dataflow and vice versa, air-interfaceencryption means, means for management of encryption parameters storedin connection with the terminal equipment) an encryption key streamgenerator KSG to generate a key stream segment (KSS) with the saidencryption parameters means for encrypting a dataflow and for decryptionof the encryption with the generated key stream segment, means forsynchronization of the encrypted dataflow and for de-synchronizing thesynchronization, and at least one interface for receiving the encryptionparameters from the data communication network, and wherein at least oneof the pieces of terminal equipment belonging to the data communicationnetwork is fitted to function as a special server terminal device, whichmanages and distributes at least the encryption parameters concerningthe data communication network to the other pieces of terminal equipmentbased on an established criterion, characterized in that in the datacommunication network a special server terminal device is also arranged,which is arranged to manage at least encryption and/or synchronizationapplications and to distribute these based on an established criterionto the other pieces of terminal equipment and functionalities arearranged in the terminal equipment for downloading and managing the saidapplications and data memory for storing the applications and aprocessor and operating memory for carrying out the applications. 2.System according to claim 1, characterized in that the terminalequipment is adapted with the said processor to run applicationsaccording to the J2ME (Java 2 Platform Micro Edition) specification. 3.System according to claim 2, characterized in that the terminalequipment is configured in accordance with the MIDP (Mobile InformationDevice Profile) specification.
 4. System according to any one of claims1, characterized in that downloading of applications at the terminalequipment is arranged to take place in a self-organizing manner, suchas, for example, as SDS (Short Data Service) messages.
 5. Digitalwireless terminal equipment, to which functionalities belong, at least amodule for carrying out encryption, one or more modules for carrying outsynchronization, and a module for receiving and managing at leastencryption keys, characterized in that the functionality of at least onemodule is adapted for implementation with a dynamic application based ona program.
 6. Terminal equipment according to claim 5, including atleast a SIM module, characterized in that the said application isadapted to arrange command functionality at least at the interfacebetween the SIM module and the terminal equipment through theprogramming interface (MIDP API) of the application.